tl;dr – For security reasons, we’ve completely disabled SSLv3 access to both the Sendwithus API and web app. Affected customers will need to take action to ensure they’re not attempting SSLv3 connections with our API.

Google recently uncovered a flaw in SSL 3.0, nicknamed “POODLE“, that exposes a major security vulnerability to all HTTP connections using SSL 3.0. This may include older servers and web browsers.

In response to this announcement, our hosting provider has disabled all SSL 3.0 connectivity to both our API and web app, effective Midnight, Oct 17, 2014. Most major hosting and service providers are doing the same.

This means any attempted SSL 3.0 connection to the Sendwithus API or web app will result in connection failure. In most cases, customers will remain unaffected. However, in some rare cases, Sendwithus customers may need to update their OpenSSL on their production servers in order to regain API connectivity.

More information on updating OpenSSL can be found here: https://alas.aws.amazon.com/ALAS-2014-426.html

We’re working directly with all known affected customers.

If you’re experiencing API problems as a result of this recent security change, do not hesitate to reach out and we will assist as best we can.

Posted in ProductTagged

Leave a Reply

Your email address will not be published. Required fields are marked *